Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for validating an updated set of data tuples used for authorizing Application Programming Interface (API) calls to an application, the method comprising: storing a plurality of policies along with a plurality of data tuples used for evaluating the plurality of policies; receiving the updated set of data tuples along with a first set of hash values for data tuples that are not in the received updated set; generating (i) a second set of hash values from the updated set of data tuples and (ii) an overall hash by using the received first set of hash values and the generated second set of hash values; and using the overall hash to validate the updated set of data tuples for use in evaluating one or more policies.
2. The method of claim 1, wherein the updated set of data tuples replaces another set of data tuples in the stored plurality of data tuples.
3. The method of claim 2, wherein using the overall hash comprises using a signature from an entity that is authorized to specify data tuples for the policies to validate the update set of data tuples.
4. The method of claim 3, wherein using the signature from the authorized entity comprises: generating a signature for the overall hash; comparing the generated signature with the signature from the authorized entity to determine whether the two signatures match; and when the signatures match, specifying that the updated set of data tuples has been validated as originating from the authorized entity.
5. The method of claim 1, wherein the updated set of data tuples are stored in a set of one or more JSON (JavaScript Object Notation) files.
6. The method of claim 5, wherein the set of JSON files are stored in a hierarchical document.
7. The method of claim 6, wherein the hierarchical document is a namespace.
8. The method of claim 6, wherein the hierarchical document further stores the plurality of policies.
9. The method of claim 8, wherein the plurality of policies are distributed by a first server while the updated set of data tuples are distributed by a different, second server.
10. The method of claim 1 further comprising using one or more data tuples in the updated set of data tuples to evaluate a first policy that is for authorizing a first API call to the application.
11. A non-transitory machine readable medium storing a program which when executed by at least one processing unit validates an updated set of data tuples used for authorizing Application Programming Interface (API) calls to an application, the program comprising sets of instructions for: storing a plurality of policies along with a plurality of data tuples used for evaluating the plurality of policies; receiving the updated set of data tuples along with a first set of hash values for data tuples that are not in the received updated set; generating (i) a second set of hash values from the updated set of data tuples and (ii) an overall hash by using the received first set of hash values and the generated second set of hash values; and using the overall hash to validate the updated set of data tuples for use in evaluating one or more policies.
12. The non-transitory machine readable medium of claim 11, wherein the updated set of data tuples replaces another set of data tuples in the stored plurality of data tuples.
13. The non-transitory machine readable medium of claim 12, wherein the set of instructions for using the overall hash comprises a set of instructions for using a signature from an entity that is authorized to specify data tuples for the policies to validate the update set of data tuples.
14. The non-transitory machine readable medium of claim 13, wherein the set of instructions for using the signature from the authorized entity comprises sets of instructions for: generating a signature for the overall hash; comparing the generated signature with the signature from the authorized entity to determine whether the two signatures match; and when the signatures match, specifying that the updated set of data tuples has been validated as originating from the authorized entity.
15. The non-transitory machine readable medium of claim 11, wherein the updated set of data tuples are stored in a set of one or more JSON (JavaScript Object Notation) files.
16. The non-transitory machine readable medium of claim 15, wherein the set of JSON files are stored in a hierarchical document.
17. The non-transitory machine readable medium of claim 16, wherein the hierarchical document is a namespace.
18. The non-transitory machine readable medium of claim 16, wherein the hierarchical document further stores the plurality of policies.
19. The non-transitory machine readable medium of claim 18, wherein the plurality of policies are distributed by a first server while the updated set of data tuples are distributed by a different, second server.
20. The non-transitory machine readable medium of claim 11, wherein the program further comprises a set of instructions for using one or more data tuples in the updated set of data tuples to evaluate a first policy that is for authorizing a first API call to the application.
Unknown
May 20, 2025
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.